Compute file SHA512 on upload

[zachmullen]

This now computes SHA-512 on files after their blob is set, i.e. at the closure of the upload flow. This PR attempts to provide at-most-once semantics for setting a blob on a file. Computing the checksum is an idempotent task, but it's important for security reasons that a blob is not able to be set more than once, otherwise it would be possible to forge a checksum via a race condition on the celery tasks. With that in mind, reviewers should convince themselves that the use of select_for_update sufficiently enforces this policy.

[mgrauer]

Can you explain a bit more about the checksum forging?

I'd also like you to expand the comment that says that you lock the row to say why you are locking the row, I put a single line review at the relevant spot.